• @[email protected]
    link
    fedilink
    English
    111 year ago

    Not infosec but work with them closely this makes sense. If my laptop gets stolen or compromised it’s more likely to occur outside of the office or a VPN session. If I have sessions established with admin I 100% want them to forcefully logout if my network changes. This would prevent a common scenario of bad actors from using a pre existing admin session.

    • @vin
      link
      English
      31 year ago

      Yes, it makes sense. Can not doing it be considered gross negligence?

      • @[email protected]
        link
        fedilink
        English
        3
        edit-2
        1 year ago

        What negligence? If I read the policy change by Okta they’re ensuring that security of killing an admin session if the network changes.

        Edit - unless you mean not mandating the feature by default? As a SaaS solution Okta is set to provide the tools for any company to use which they’re doing. They provide the ability to enable tighter security but it’s not their problem to solve. They could argue successfully that a company can and should enable their own security provisions that may overlap.

        To use non-IT terms, Okta is providing a box of knives to a teacher. The expectation is the teacher ensures if the kids can use the knives or not. Okta can take out the sharpest knives if you ask them to but you have to ask.

        • @vin
          link
          English
          21 year ago

          Thanks!